Researchers from Dragos said last week that the advanced persistent threat (APT) group, called Covellite, has been previously linked to attacks against US, European and East Asian organizations in the civilian energy sector.

While Covellite appears to lack the means to attack industrial control systems (ICSs) at present, the APT is still able to gather intelligence on intellectual property and internal industrial operations.

Researchers first recorded attacks against US targets performed by Covellite in 2017. A targeting phishing campaign was launched at a number of select US electric companies, of which fraudulent emails contained remote access tool (RAT) payloads used to conduct reconnaissance and maintain persistence on victim PCs.

However, it now appears that the US has been crossed off the target list -- in what appears to be an interesting time to do so, as North Korea has a current interest in patching up its relationship with America.

US President Trump and North Korean leader Kim Jong Un are soon to meet at a summit in Singapore.

The APT is still actively targeting organizations in other countries.

According to Dragos, Covellite's infrastructure and malware arsenal are similar to the North Korean Lazarus Group, also known as Hidden Cobra.

North Korea was blamed for the attack due to the Lazarus connection, an accusation the country has deemed "absurd."

A technical analysis of the APT has also revealed that Covellite is making use of malware developed from Lazarus toolkits.

Beyond this connection, however, Dragos is not certain of whether or not both groups and their campaigns are connected.

"Given the group's specific interest in infrastructure operations, rapidly improving capabilities, and history of aggressive targeting, Dragos considers this group a primary threat to the ICS industry," the researchers say.

State-sponsored threat actors emerge from most countries, and with the backing of states and far greater resources than most individual operations, they have the potential to cause the most damage.

Thank You

By registering you become a member of the CBS Interactive family of sites and you have read and agree to the Terms of Use, Privacy Policy and Video Services Policy. You agree to receive updates, alerts and promotions from CBS and that CBS may share information about you with our marketing partners so that they may contact you by email or otherwise about their products or services.
You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.